<?php 
include ("../../checkuser.php"); 
//error_reporting(0);
include "include/kopf.php";
include "include/menu.php";
include "../../conf.php";
?> 
<!-- Datensatz eingereicht? -->
<?php
$aid = isset($_GET['aid']) ? $_GET['aid'] : "";

 $checkin = isset($_GET['checkin']) ? $_GET['checkin'] : "";
 $checkout = isset($_GET['checkout']) ? $_GET['checkout'] : "";
 $checkin1 = isset($_GET['checkin1']) ? $_GET['checkin1'] : "";
 $checkout1 = isset($_GET['checkout1']) ? $_GET['checkout1'] : "";


if (isset($_POST['submit'])) 
{
if ($_POST['kennwort']=='')// Wenn kein Kennwort angegeben
{
$sql = "UPDATE benutzerdaten SET  Vorname='".$_POST['vorname']."',Nachname='".$_POST['nachname']."',Nickname='".$_POST['nickname']."',theme='".$_POST['theme']."',lebenszeit='".$_POST['lebenszeit']."' WHERE Id='".$_POST["aid"]."'";
$result = mysql_query($sql,$connect);
}
else 
{
$sql = "UPDATE benutzerdaten SET  Vorname='".$_POST['vorname']."',Nachname='".$_POST['nachname']."',Nickname='".$_POST['nickname']."',Kennwort='".md5($_POST['kennwort'])."',theme='".$_POST['theme']."',lebenszeit='".$_POST['lebenszeit']."' WHERE Id='".$_POST["aid"]."'";
$result = mysql_query($sql,$connect);
}
?>

<?php
}
// Benutzer anlegen
if($checkin) mysql_query("UPDATE benutzerdaten SET `visuell`='1' WHERE `Id`='$checkin'",$connect);
if($checkout) mysql_query("UPDATE benutzerdaten SET `visuell`='' WHERE `Id`='$checkout'",$connect);

// Benutzer bearbeiten
if($checkin1) mysql_query("UPDATE benutzerdaten SET `benutzerbe`='1' WHERE `Id`='$checkin1'",$connect);
if($checkout1) mysql_query("UPDATE benutzerdaten SET `benutzerbe`='' WHERE `Id`='$checkout1'",$connect);

$bid=$_SESSION["user_id"];
$query = "Select * from benutzerdaten where Id=$bid";
$result = mysql_query($query) or die ("MySQL-Fehler: " . mysql_error());
while($myrow = mysql_fetch_assoc($result))
{
?>
<td valign="top">
  <table style="font-family: Verdana,Arial,sans-serif;    
    font-style:       normal;
    font-size:        11px;
    BORDER-TOP:       #A6A6A6 1px solid; 
    BORDER-LEFT:      #A6A6A6 1px solid; 
    BORDER-BOTTOM:    #A6A6A6 1px solid;
    BORDER-RIGHT:     #A6A6A6 1px solid;">
    <tr>
      <td><b>Benutzer bearbeiten</b></td>
    </tr>
      <form name="meins" method="post" action="<?php echo $HTTP_SERVER_VARS['PHP_SELF'] ?>">
    <tr>
      <td>Vorname:</td>
      <td><input name="vorname" type="text" size="20" maxlength="100" value="<?PHP echo $myrow['Vorname']; ?>"></td>
     </tr>
    <tr>
      <td>Nachname:</td>
      <td><input name="nachname" type="text" size="20" maxlength="100" value="<?PHP echo $myrow['Nachname']; ?>"></td>
    </tr>
    <tr>
      <td>Benutzer:</td>
      <td><input name="nickname" type="text" size="20" maxlength="100" value="<?PHP echo $myrow['Nickname']; ?>"></td>
    </tr>
    <tr>
      <td>Kennwort </td>
      <td><input name="kennwort" type="text" size="20" maxlength="100"><br>
      (Dieses Feld leer lassen wenn es nicht ge&auml;ndert werden soll)</td>
    </tr>
        <tr>
      <td>Session Lebenszeit <br>(Wert in Sekunden):</td>
      <td><input name="lebenszeit" type="text" size="20" maxlength="7" value="<?PHP echo $myrow['lebenszeit']; ?>"></td>
    </tr>
    <tr><td>|Visueller Editor|</td>
    <?php if ($myrow['visuell']=='') { echo "<td bgcolor=#fa8072 align='center'>"; ?>
<a title="An" href="<?php echo $HTTP_SERVER_VARS['PHP_SELF'] ?>?checkin=<?php echo $myrow['Id'] ?>&aid=<?php echo $myrow['Id'] ?>">Editor Anschalten</a>
<?php
echo "</td>";       
}  
elseif ($myrow['visuell']==1) { echo "<td bgcolor=	#228b22 align='center'>"; ?>
<a title="Aus" href="<?php echo $HTTP_SERVER_VARS['PHP_SELF'] ?>?checkout=<?php echo $myrow['Id'] ?>&aid=<?php echo $myrow['Id'] ?>">Editor Ausschalten</a>
<?php
echo "</td>";       
}     
?>
</tr>
<tr>
<td>Themeauswahl</td>
<td>

<select name="theme" size="1"> 
<option value=<?php echo $myrow['theme'] ?>><?php echo $myrow['theme'] ?></option>
<?php

$dir = opendir ("../../themes");
while ($ordner = readdir($dir)) {
     if (is_dir("../../themes/" . $ordner) && $ordner != "." && $ordner != "..") {
 echo "<option value='$ordner'>$ordner</option>";     
}}
closedir($dir);
?>
</select>

</td>
</tr>
    <tr>
      <input name="aid" type="hidden" value="<?php echo $myrow['Id']; ?>">  
      <td colspan="2"><input style="margin-left:1.5em" name="submit" type="submit" value=" Profil &auml;ndern ">
      <?php if (isset($_POST['submit'])) { echo "Profil ge&auml;ndert";} ?>
      
      </td>
    </tr>
  </table>
</td>
<?php
}
?>
</tr>
</table>
</body> 
</html>